Security firm warns against phishing campaign targeting MetaMask

ambcrypto.com:

A cybersecurity company has issued alerts regarding a fresh phishing campaign. One that is going after users of the well-known cryptocurrency wallet – MetaMask.

The ongoing phishing campaign used emails to target MetaMask users and deceived them into disclosing their passphrase. This, according to a blog post by Halborn’s Technical Education Specialist Luis Lubeck.

To alert users to the new fraud, the company examined phishing emails it had received in late July. Halborn claimed that the email appears legitimate at first glance thanks to a MetaMask header and logo and instructions instructing users on how to comply with Know Your Customer (KYC) rules.

Halborn also pointed out that the letter contains several warning signs. The two most noticeable ones were misspellings and an email address that was not the sender’s. Furthermore, the phishing emails were sent through a phony domain called the meta mask auction.

Phishing attacks are social engineering attempts to steal cryptocurrencies using targeted emails. These entice victims into disclosing more personal information or clicking links to nefarious websites.

The company also pointed out that the message lacked customization – Another red flag. The malicious link to a bogus website that requests users to enter their seed phrases before forwarding to MetaMask to empty their cryptocurrency wallets is shown when the call to action button is hovered over.

Researchers from Halborn noted a situation in which a user’s private keys may be located unencrypted on a drive in a compromised computer in June. Following the discovery, MetaMask modified version 10.11.3 and later, its extension too. 

Following the disclosure of client emails by a third-party vendor employee last week, Celsius